# Injection Vulnerabilities

- [Cross-Site Scripting (XSS)](/pentesting/web-applications/injection-vulnerabilities/cross-site-scripting.md)
- [Blind Cross-Site Scripting](/pentesting/web-applications/injection-vulnerabilities/cross-site-scripting/blind-cross-site-scripting.md)
- [Finding Cross-Site Scripting](/pentesting/web-applications/injection-vulnerabilities/cross-site-scripting/finding-cross-site-scripting.md)
- [Stealing Cookies](/pentesting/web-applications/injection-vulnerabilities/cross-site-scripting/stealing-cookies.md)
- [XSS Payloads](/pentesting/web-applications/injection-vulnerabilities/cross-site-scripting/xss-payloads.md)
- [CSV Injection](/pentesting/web-applications/injection-vulnerabilities/csv-injection.md)
- [XML External Entity Injection (XXE)](/pentesting/web-applications/injection-vulnerabilities/external-entity-injection-xxe.md)
- [LDAP Injection](/pentesting/web-applications/injection-vulnerabilities/ldap-injection.md)
- [NoSQL Injection](/pentesting/web-applications/injection-vulnerabilities/nosql-injection.md)
- [Server-Side Template Injection](/pentesting/web-applications/injection-vulnerabilities/server-side-template-injection.md)
- [SQL Injection](/pentesting/web-applications/injection-vulnerabilities/sql-injection.md)